devsecops-engine-tools 1.105.0__py3-none-any.whl → 1.106.1__py3-none-any.whl

devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py

@@ -76,6 +76,9 @@ class TrufflehogRun(ToolGateway):
         enable_custom_rules = config_tool[tool]["ENABLE_CUSTOM_RULES"]
         if enable_custom_rules:
             Utils().configurate_external_checks(tool, config_tool, secret_tool, secret_external_checks, path)
+        exclude_detectors = config_tool[tool]["EXCLUDE_DETECTORS"]
+        if exclude_detectors:
+            exclude_detectors = ",".join(exclude_detectors)
 
         with concurrent.futures.ThreadPoolExecutor(max_workers=config_tool[tool]["NUMBER_THREADS"]) as executor:
             results = executor.map(
@@ -87,7 +90,8 @@ class TrufflehogRun(ToolGateway):
                 [repository_name] * len(include_paths),
                 [enable_custom_rules] * len(include_paths),
                 [agent_os] * len(include_paths),
-                [folder_path] * len(include_paths)
+                [folder_path] * len(include_paths),
+                [exclude_detectors] * len(include_paths)
             )
         findings, file_findings = self.create_file(self.decode_output(results), path, config_tool, tool)
         return  findings, file_findings
@@ -124,7 +128,8 @@ class TrufflehogRun(ToolGateway):
         repository_name,
         enable_custom_rules,
         agent_os,
-        folder_path
+        folder_path,
+        exclude_detectors
     ):
         path_folder = folder_path if folder_path is not None else f"{path}/{repository_name}"
         command = f"{trufflehog_command} filesystem {path_folder} --include-paths {include_path} --exclude-paths {exclude_path} --no-verification --no-update --json"
@@ -133,6 +138,9 @@ class TrufflehogRun(ToolGateway):
                                       f"--config {path}/rules/trufflehog/custom-rules.yaml --no-verification --no-update --json" if "Linux" or "Darwin" in agent_os else
                                       "--no-verification --no-update --json")
             
+        if exclude_detectors:
+            command = f"{command} --exclude-detectors {exclude_detectors}"
+            
         result = subprocess.run(command, capture_output=True, shell=True, text=True, encoding='utf-8')
         return result.stdout.strip()
 

devsecops_engine_tools/engine_utilities/trivy_utils/infrastructure/driven_adapters/trivy_deserialize_output.py

@@ -21,36 +21,40 @@ class TrivyDeserializator(DeseralizatorGateway):
         with open(image_scanned, "rb") as file:
             image_object = file.read()
             json_data = json.loads(image_object)
-            vulnerabilities_data = json_data.get("Results", [{}])[0].get("Vulnerabilities", [])
-            vulnerabilities = [
-                Finding(
-                    id=vul.get("VulnerabilityID", ""),
-                    cvss=str(
-                        next(
-                            (
-                                v["V3Score"]
-                                for v in vul["CVSS"].values()
-                                if "V3Score" in v
-                            ),
-                            None,
-                        )
-                    ),
-                    where=vul.get("PkgName", "")
-                    + ":"
-                    + vul.get("InstalledVersion", ""),
-                    description=vul.get("Description", "").replace("\n", "")[:150],
-                    severity=vul.get("Severity", "").lower(),
-                    identification_date=datetime.now().strftime("%Y-%m-%dT%H:%M:%S%z"),
-                    published_date_cve=self._check_date_format(vul),
-                    module=module,
-                    category=Category.VULNERABILITY,
-                    requirements=vul.get("FixedVersion") or vul.get("Status", ""),
-                    tool="Trivy",
-                )
-                for vul in vulnerabilities_data
-                if vul.get("CVSS") and vul.get("PublishedDate")
-            ]
-            list_open_vulnerabilities.extend(vulnerabilities)
+            results = json_data.get("Results", [{}])
+
+            for result in results:
+                vulnerabilities_data = result.get("Vulnerabilities", [])
+                vulnerabilities = [
+                    Finding(
+                        id=vul.get("VulnerabilityID", ""),
+                        cvss=str(
+                            next(
+                                (
+                                    v["V3Score"]
+                                    for v in vul["CVSS"].values()
+                                    if "V3Score" in v
+                                ),
+                                None,
+                            )
+                        ),
+                        where=vul.get("PkgName", "")
+                        + ":"
+                        + vul.get("InstalledVersion", ""),
+                        description=vul.get("Description", "").replace("\n", "")[:150],
+                        severity=vul.get("Severity", "").lower(),
+                        identification_date=datetime.now().strftime("%Y-%m-%dT%H:%M:%S%z"),
+                        published_date_cve=self._check_date_format(vul),
+                        module=module,
+                        category=Category.VULNERABILITY,
+                        requirements=vul.get("FixedVersion") or vul.get("Status", ""),
+                        tool="Trivy",
+                    )
+                    for vul in vulnerabilities_data
+                    if vul.get("CVSS") and vul.get("PublishedDate")
+                ]
+                list_open_vulnerabilities.extend(vulnerabilities)
+        
         return list_open_vulnerabilities
 
     def get_container_context_from_results(

devsecops_engine_tools/version.py

@@ -1 +1 @@
-version = '1.105.0'
+version = '1.106.1'

{devsecops_engine_tools-1.105.0.dist-info → devsecops_engine_tools-1.106.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.105.0
+Version: 1.106.1
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.105.0.dist-info → devsecops_engine_tools-1.106.1.dist-info}/RECORD

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=SEPteiAKmXH-B5JojzcRHDChVmeoqG-X532Ga0_GU2U,20
+devsecops_engine_tools/version.py,sha256=Jctld65Ex65MjDF7O1lOFzEfkCaSrUw5zv8WSaRGAiI,20
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -200,7 +200,7 @@ devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapt
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/gitleaks/gitleaks_tool.py,sha256=HTrbIronNbasyALapm0j3ZEaJCs7X7CRPS6uE_xPAMc,6049
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=mrSqPrkMiikxQ_uY-rF2I8QvicsOMdMBzTC8CTV3Wk8,2392
-devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=azMbd25Yvkil9xh6dWcBFBL1tFse1yr_-2zn8sBUYeU,8176
+devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=23nTGgwFn_-fNKXJEy2iTV1gIFPE_VdQWX_d8XVEeus,8544
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=61OnP4ehmzh-tRbACgZsB4IJi6J6HT9E6KCOcuhvnRw,1185
 devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -372,7 +372,7 @@ devsecops_engine_tools/engine_utilities/ssh/managment_private_key.py,sha256=Tbe_
 devsecops_engine_tools/engine_utilities/trivy_utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/trivy_utils/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/trivy_utils/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_utilities/trivy_utils/infrastructure/driven_adapters/trivy_deserialize_output.py,sha256=7jiZ3FRKEnWw542ei6g4ZnGkpX8RInWND_dGwJVgbrs,5321
+devsecops_engine_tools/engine_utilities/trivy_utils/infrastructure/driven_adapters/trivy_deserialize_output.py,sha256=Y2X4B9qgNRn1GdRfDHv-rb-v7dNP2Aifmqzq7R3BZFA,5512
 devsecops_engine_tools/engine_utilities/trivy_utils/infrastructure/driven_adapters/trivy_manager_scan_utils.py,sha256=9bUT0V-EFhdik8aNuGTI2i4OnT1YvFT7s7xu5M5sejM,2888
 devsecops_engine_tools/engine_utilities/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/utils/api_error.py,sha256=yRbad5gNUHh5nALBKkRDi-d98JPmqAhw-QJEGW4psrw,528
@@ -383,8 +383,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
 devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=HCjS900TBoNcHrC4LaiP-Kf9frVdtagF130qOUgnO2M,6757
-devsecops_engine_tools-1.105.0.dist-info/METADATA,sha256=f4p6nZe_WDm7hrJZrf6rcIEQoyKlG71rZKP76z0a-Y4,3233
-devsecops_engine_tools-1.105.0.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
-devsecops_engine_tools-1.105.0.dist-info/entry_points.txt,sha256=OWAww5aBsGeMv0kWhSgVNB0ySKKpYuJd4dly0ikFPkc,283
-devsecops_engine_tools-1.105.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.105.0.dist-info/RECORD,,
+devsecops_engine_tools-1.106.1.dist-info/METADATA,sha256=LTcC_WlH3sZfEDN4ilinU659nrWMJuZzn8wvYVi5IAs,3233
+devsecops_engine_tools-1.106.1.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
+devsecops_engine_tools-1.106.1.dist-info/entry_points.txt,sha256=OWAww5aBsGeMv0kWhSgVNB0ySKKpYuJd4dly0ikFPkc,283
+devsecops_engine_tools-1.106.1.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.106.1.dist-info/RECORD,,